It's not exactly rocket science to add a "browser app" to the Steam system to use certain web sites in an appliance-ish mode, but it's not great for general purpose browsing.
A slightly more advanced browser frontend that offered an experience comparable to Edge on Xbox would be very nice.
> According to The Cybersec Guru, this is an unpatchable problem for Sony, because these keys cannot be changed and are burned directly in the APU.
I'm just speculating at this point, but what could prevent Sony from anticipating this exact situation and burning several keys in the APU? I mean, eFuse is not exactly a new technology. That way, once a key is leaked, Sony could push a firmware update switching the APU to a new key which hasn't been leaked yet.
I have seen some manufacturers enroll multiple manufacturer keys, probably with this notion, but this isn’t useful against almost any threat model.
If keys are recovered using some form of low level hardware attack, as was almost surely the case here, the attacker can usually recover the unused key sets too.
If the chip manufacturing provisioning supply chain is leaky the new keys will probably be disclosed anyway, and if the key custody chain is broken (ie, keys are shared with OEMs or third parties) they will definitely be disclosed anyway.
Wouldn't the other reason to have multiple manufacturer keys, be to guard against them losing the private key for one in a way that means they can't sign anything any more?
I mean, sure, but to what end does that madness lead? Who backs up the backups?
Usually this is to allow different departments / divisions / customers (in the case of an OEM model) to all sign code or encrypt binaries, although this is likewise a bit off as each enrolled key increases the amount of material which is available to leak in the leak model. Or to allow model line differentiation with crossover.
A TPM is a form of HSM (Hardware Security Module).
HSMs come in all sizes, from a chip in your phone (secure element) or even a dedicated part of a SoC chip, to a big box in a datacenter that can handle tons of requests per second.
The idea is having dedicated hardware to protect the private key material. This hardware can execute signing operations, so it can use the key but it can't share the key material itself. It is usually also physically hardened with techniques to extract said keys, like sidechannel attacks based on power draw, X-ray inspection, decapping etc.
The story implies that these are signing keys, so there is no reason for the private halves to be present in the product's silicon in any form. If these were encryption keys stored in a TPM, they'd have been extracted not leaked.
Yes, but console vendors generally prefer not to allow downgrades.
So if v1 is signed by key A, v2 is signed by key B and invalidates key A; a console that installs v2 wouldn't be able to install v1 after, but that's not a problem for Sony.
But, I'm not sure how many companies would be able to manage their keys properly to ensure that someone with access to key A doesn't have access to key B.
If these are asymmetric key pairs and the device side key was extracted from the device... Switching keys wouldn't help, and it's not a huge deal by itself --- having the device side key doesn't allow you to make a firmware image the device would accept.
Fun fact, the Nintendo Switch blows fuses [0] when they do a patch that’s for security/jailbreaking. If I recall there’s something like 12 or 16 fuses they can employ over the life of the product to ensure you can’t rollback updates that prevent piracy. Nvidia builds these fuses into the board.
So if you’ve blown 4 fuses you can’t do a patch that requires only 2 fuses to have blown, it’s a pretty wild solution.
It isn't that wild; the typical name for it is anti-rollback, and you probably have at least one device that implements it. Most Android devices have anti-rollback efuses to prevent installing older versions of the bootchain\bootloader; they might still allow you to downgrade the OS (depends on the vendor, if memory serves). Instead of using efuse counters, anti-rollback counters can also be implemented by Replay Protected Memory Block (RPMB), which is implemented by many flash storage (eMMC often supports RPMB, but other storage types can as well). It is possible to implement anti-rollback mechanisms on x86_64 by utilizing a TPM [0], but as far as I know, only Chrome OS does this.
Wouldn't it be great if companies spent the time and effort needed for all these wonderful things that prevent the owner from using the hardware they own how they see fit and instead invested the resources into making the product better ?
All this is basically a fragile anti-user timebomb that will only generate more avoidable e-waste eventually.
Yeah, that shouldn't happen (although I think I've seen reports of eFuses blowing spontaneously as well as eFuses self-repairing)
If your console blows a fuse before Nintendo intends to, you won't be able to install firmware until a firmware is released that will run with that number of fuses blown. And, depending on how things are implemented, you might not be able to run the firmware that you have either.
Here's an excerpt about the anti-rollback feature from Nvidia's docs on how the Tegra X1 SoC in the switch 1 boots [0] (called Tegra210 in the document)
> By default, the boot ROM will only consider bootloader entries with a version field that matches the version field of the first entry, and will stop iterating through the entries is a mismatch is found. The intent is to ensure that if some subset of the bootloader entries are upgraded, and hence the version field of their entries is modified, then the boot ROM will only boot the most recent version of the bootloader. This prevents an accidental rollback to an earlier version of the bootloader in the face of boot memory read errors, corruption, or tampering. Observe that this relies on upgraded bootloader entries being placed contiguously at the start of the array.
They're on the die. efuses existed on the ps3 and 360 too.
The 360 used them to prevent downgrades, but the ps3 used all of theirs to store bluray drive keys.
I've tried several different mics but eventually settled on a wired headset and Revelator io44 audio interface. The latter one is a goofy brick but it has a TRRS audio jack and built-in DSP so I don't have to fiddle with loopbacks, DAWs and VSTs.
And if I'm not able to lug that brick I can just plug the headset directly into my laptop.
Seems like it doesn't properly handle mouse events on Safari in macOS and only shows "frames with no pointer events". I assume it's because "pointerrawupdate" event is not supported there.
Also it's interesting that with ProMotion enabled it reports 16.67ms per frame (indicating 60Hz redraw rate) in Safari, but in Chrome it's 8.33.
Yes, I rely on pointerrawupdate. Thanks for letting me know! Unfortunately pointermove is typically synced with graphics in my limited experience, and I think I'd rather not show anything than provide wildly inaccurate numbers.
Although it's for gamepads, it's pretty much indispensable in debugging gamepad-related latency issues. For example, I found that my presumably 1000Hz controller can do only 500Hz in ideal conditions and it starts to drop at a much lower distance from the computer than advertised. Neat stuff.
Not all of his translations were nowhere near the original. For example, his translation of Guy Ritchie's Snatch was excellent (in my opinion of course) and is still quoted to this day. I'd say it's the only one that absolutely nails it and then some.
On the other hand, his Lord of The Rings was an "alternative" dub as you described. Didn't watch that one though.
This is better than BFI, although 120Hz demo on my screen looks like it's just alternating two or three parts of the image. Maybe there is a way to use fake interlacing to make it look convincing.
240Hz demo in 144Hz mode looks flickery but much more realistic.
Nope, color bleeding was virtually non-issue with SECAM color encoding. I've grown up in a SECAM country, but we had a lot of PAL content. PAL always looked bad and smudgy in comparison. NTSC was just plain awful and intolerable even by my pre-teen standards.
Are you sure that PAL reception/tapes and possibly "yeah we also do that" PAL implementations were good in your region? I'm from a PAL region and broadcast PAL looked just fine to me. Only VHS PAL looked blurry. VHS's very low horizontal color resolution was a VHS limitation, AFAIK not much to do with how color phase errors were averaged out across lines in PAL vs SECAM.
reply